Until April fools. Seriously, is this a joke? Maybe if they have a juicy gov't contract that'll buy these up. Other than that every company is just going to buy a Windows tablet for a $1000 and put their own security software (which is already certified and tested up the wazoo) on it.
With Windows, you get security updates every second Tuesday. For free, for years, and in a timely fashion.
On Android, you are lucky if Google deems a bug worthy of fixing. The best sandboxing is useless if the OS itself has known and remote exploitable security issues, as Android usually does.
On Android, you are lucky if Google deems a bug worthy of fixing.
I'm a member of Google's Android security team, and I want to correct this. The only component in which Google doesn't fix bugs is the old Webview implementation. I'm not going to try to explain or defend that decision, just note that at this point we think it's more productive to get apps to stop using it to display untrusted content on pre-4.4 Android. Outside of that, Google does provide fixes to all significant issues that are reported to us, and we provide those fixes to device manufacturers, at no cos
We appreciate you doing what you can to fix some of these holes. However, Google appears to have no teeth which to use to get the handset manufacturers to actually update their products.
There can be software fixes for every single issue, but if they never get deployed, it does nothing to solve the issues.
Yes, this is a big issue. Huge. It's a clear consequence of the open source nature of Android, which has a lot of value in other ways. This is a fundamental tension between openness and modifiability and security.
My best recommendation: Buy Nexus devices which are guaranteed to get timely updates. Granted that if you are the sort of person who wants to use the same device for 3+ years that doesn't necessarily solve your problem, because even Nexus devices fall out of support fairly quickly. I actually exp
And on the seventh day, He exited from append mode.
Um... it's 16 days (Score:5, Insightful)
Re: (Score:3)
This.
With Windows, you get security updates every second Tuesday. For free, for years, and in a timely fashion.
On Android, you are lucky if Google deems a bug worthy of fixing. The best sandboxing is useless if the OS itself has known and remote exploitable security issues, as Android usually does.
Re: (Score:5, Insightful)
On Android, you are lucky if Google deems a bug worthy of fixing.
I'm a member of Google's Android security team, and I want to correct this. The only component in which Google doesn't fix bugs is the old Webview implementation. I'm not going to try to explain or defend that decision, just note that at this point we think it's more productive to get apps to stop using it to display untrusted content on pre-4.4 Android. Outside of that, Google does provide fixes to all significant issues that are reported to us, and we provide those fixes to device manufacturers, at no cos
Re:Um... it's 16 days (Score:2)
We appreciate you doing what you can to fix some of these holes. However, Google appears to have no teeth which to use to get the handset manufacturers to actually update their products.
There can be software fixes for every single issue, but if they never get deployed, it does nothing to solve the issues.
Re: (Score:2)
Yes, this is a big issue. Huge. It's a clear consequence of the open source nature of Android, which has a lot of value in other ways. This is a fundamental tension between openness and modifiability and security.
My best recommendation: Buy Nexus devices which are guaranteed to get timely updates. Granted that if you are the sort of person who wants to use the same device for 3+ years that doesn't necessarily solve your problem, because even Nexus devices fall out of support fairly quickly. I actually exp